I would be interested to know whether a protocol exists such that it grants that the two end-points taking part in the communication cannot be traced (i.e. they can deny the communication ever took place).

I'm not sure if that's what you're looking for, but you might want to look into the concept of covert channels. That is, hiding the communication in another channel, such that no outsider can even decide whether you are communicating. springerlink.com/content/vd77nrnclcryhtt7 and springerlink.com/content/666gebulnumwj403: these two papers should have something on that topic if I remember correctly. But maybe I misunderstood what you are trying to achieve.
– Maeher, Jul 10 '12 at 15:23

2 Answers
2

Anonymity - the two end points must not be able to discover the other's location or identity, nor must any other party be able to identify either endpoint.

Plausible Deniability - both parties must be able to plausibly deny that they participated in the conversation.

The problem with this type of communication over the Internet is that packets must be routable. You need a way to ensure that messages can be passed between the two end points.

I'm not sure there is a protocol for this per se, but you should definitely look into anonymity networks such as Tor. These work by creating a network of nodes that facilitate anonymous communication.

Tor's anonymity works on the principle that information about a particular conversation is only partially known by any node.

A conversation is created by chaining a number of nodes together, between a source and client. The message is encrypted using EndPoint2's public key. The public keys of Node1, Node2 and Node3 are used to encrypt the identity of Node2, Node3 and EndPoint2 respectively, to produce a chain.

EndPoint1 <---> Node1 <---> Node2 <---> Node3 <---> EndPoint2

From this, we can construct a list of what each participant knows:

Node1 knows EndPoint1's identity and Node2's identity

Node2 knows Node1's identity and Node3's identity

Node3 knows Node2's identity and EndPoint2's identity

EndPoint2 knows Node3's identity and the message

Notice that no single node knows about both EndPoint1 and EndPoint2, and only EndPoint2 knows the message. The communications between each node are encrypted, so it is impossible for an attacker to know if a node is the originator of a message or just a node in the chain.

When it comes to the final destination of the message, Tor can use both hidden services (Tor nodes with services running on them) and normal internet services. In the latter case, the message is encrypted with the final node's key, so that it can read the message and talk to the target. If the target is a plaintext service, a compromised node might perform a MitM attack. As such, it's best practice to use SSL or a similar secure protocol when talking to non-Tor services.
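The layering described in the answer above, as an added example that is not part of the original post: it builds the chain for the diagram's path and records what each participant learns when it removes its own layer. The function names are hypothetical, and a toy per-hop symmetric cipher stands in for the public-key encryption the answer describes.

```python
import hashlib, json, os

def xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Toy SHA-256 counter-mode keystream: a stand-in cipher, not Tor's real crypto.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def seal(key: bytes, layer: dict) -> bytes:
    nonce = os.urandom(16)
    return nonce + xor_stream(key, nonce, json.dumps(layer).encode())

def unseal(key: bytes, blob: bytes) -> dict:
    return json.loads(xor_stream(key, blob[:16], blob[16:]))

def build_onion(path, keys, message):
    # Innermost layer: only the last name in the path can read the message.
    blob = seal(keys[path[-1]], {"message": message})
    # Wrap outwards: each hop's layer names only the hop that follows it.
    for hop, nxt in reversed(list(zip(path[:-1], path[1:]))):
        blob = seal(keys[hop], {"next": nxt, "payload": blob.hex()})
    return blob

def route(sender, first_hop, blob, keys):
    # Deliver the onion and record what each participant learns on the way.
    views, prev, here = {}, sender, first_hop
    while True:
        layer = unseal(keys[here], blob)  # each hop uses only its own key
        if "message" in layer:
            views[here] = {"from": prev, "message": layer["message"]}
            return views
        views[here] = {"from": prev, "to": layer["next"]}
        prev, here, blob = here, layer["next"], bytes.fromhex(layer["payload"])

# Constructed sample data: names follow the diagram, keys are random per run.
PATH = ["Node1", "Node2", "Node3", "EndPoint2"]
KEYS = {name: os.urandom(32) for name in PATH}

if __name__ == "__main__":
    onion = build_onion(PATH, KEYS, "hello")
    for name, view in route("EndPoint1", PATH[0], onion, KEYS).items():
        print(name, view)
```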

Anonymous channels like mix networks and Tor allow messages to be untraceable, meaning the content of the message can be learnt but the originator of the message cannot be determined. (See answer by Polynomial for details).

Deniable channels like OTR Messaging allow the content of the message to be denied (after the message is sent, either party can make up alternative messages that "fit" the cryptographic transcript) but do not protect the fact that a conversation about something took place.